Rising phishing cases open career prospects for ethical hackers

If you are an expert in computers and can decode a programme without much effort, give a thought to working with the Indian government or a multinational company to secure their websites from cyber attacks.

As internet hacking has in recent years become a common occurrence, nervous government agencies and corporates are seeking ethical hackers in large numbers to secure their critical data, thus opening a lucrative career opportunity for youngsters in the field of ethical hacking, say experts.

According to data by Cyber Media Research, the domestic spending on BPO-ITeS and IT services in 2012 is expected to grow by 16.6 percent over 2011 to cross Rs.43,600 crore and spending on software will grow 19.5 percent to touch Rs.18,800 crore.

“Both the private and public sectors have realised the importance of deploying suitable security solutions to protect sensitive organisational and national data, as well as engaging or employing information security professionals to actively monitor and manage threats,” Kamal Vohra, lead analyst, software and IT services and tech advisory practice, at Cyber Media Research told.

“Security is the most essential thing when it comes to internet. Today every single technology company is establishing its dedicated team of hacking experts, thus providing huge opportunities to youngsters to take this up as a career,” cyber security expert Ankit Fadia told.

According to data by the national nodal agency CERT-IN – Indian Computer Emergency Response Team – the number of phishing attacks has risen from over 102 cases in January 2010 to 1,053 cases in May 2011.

During 2011, the phishing attacks till May totalled 3,458 compared to 5,432 cases in 2010 and a mere 549 cases in 2009.

According to Fadia, it is a matter of rising concern that due to the lack of awareness many youngsters function from the wrong side of the law. This tendency needs to be curbed by introducing ethical hacking courses at various levels in reputed colleges and institutions on a large scale, he stresses.

Fadia works as a cyber security consultant with various companies, government agencies and security firms both in India and abroad, and has provided customized cyber security training and solutions to companies. Among these are Google, Citibank, Bank of Thailand, Wipro and Infosys, and many other government organizations, police forces, and corporate sectors.

However, slamming the industry for ignoring internet security to their own peril, he says most companies do not hire hackers and woo trainers from abroad only after an incident occurs.

“We need skilled people in this field 20 times more by 2015,” Narayanan Ramaswamy, executive director with consultancy firm KPMG, told.

Ramaswamy said the requirement for ethical hackers is not limited only to IT companies but such experts are also required by financial service providers, retail chains, hotels and several government agencies.

However, in the recent years the demand has outstripped the available supply of such hackers in India because of shortage of skilled hands.

“According to NASSCOM, demand for ethical hackers is estimated at over 77,000 in India every year. Against this, India is producing only 20,000-25,000 ethical hackers,” says Fadia.

The courses available in India include six-month and one-year post-graduate diploma programmes. The only prerequisite is that the person should be computer savvy and gadget friendly.

After completing the courses, students can join the government as well as private organisations as cyber security experts. The initial salary would range anywhere between Rs.25,000 to Rs.30,000.

According to Information Systems Audit and Control Association (ISACA) – the international professional association that deals with IT governance and had 95,000 members across 160 countries as of March 2011 – about 65 percent Indian companies expect to increase their spend on information security in the period April 2011-March 2012.